Is guard64.dll and guard32.dll needed for firewall only users?

I’ll try to make a long story short. If you didn’t know, Grand Theft Auto V for PC released Tuesday at midnight GMT which was 6pm Monday night my local time. I was eager to play GTA Online with some friends, but I couldn’t get the game to run as the launcher (GTAVLauncher.exe) would crash. None of my friends had this problem, so they went on without me. There were quite a few people having this problem, and some workarounds posted on various forums seemed to work for some people and not others. None worked for me. It took me until Wednesday night to figure out the cause of the problem for me, which turned out to be COMODO’s guard64.dll. To fix the game from crashing I had to add an exclusion for GTAVLauncher.exe under the Defense+ settings next to the Detect shellcode injections.

I only use the Firewall part of COMODO. I have Defense+ and sandbox disabled. I thought the guardXX.dll files were part of the Defense+ part of COMODO, so should it still be loading them? Even though Defense+ is disabled, the Detect shellcode injections was still checked, but unchecking it and restarting I see the guardXX.dll still being loaded into every application.

If the guardXX.dll files are only needed for Defense+, is it safe for me to disable it from loading by removing it from the registry?

The guardxx.dll files are related to D+. Their function is to reduce the number of alerts. They are not involved with the Exclusions fo Detect shellcode injections.

Does adding GTAVLauncher.exe to the Exclusions fix the problem for you or is it is also necessary to disabled guardxx.dll files? That’s not clear from your story.

Just adding the GTAVLauncher.exe to the exclusions stops it from crashing.

I had been searching for a fix with no luck. Then I searched for something different and found a post here on the COMODO forums about the guardXX.dll causing something to crash. Someone linked to this post for disabling it completely via the registry or adding an exception.

Like I said, adding the exception fixes the crash. Since I’m not using Defense+ and the guardXX.dll’s are only part of Defense+, then I’m going to completely disable them from loading by editing the registry. Shouldn’t COMODO stop injecting these modules when Defense+ is disabled? Right now, using ProcessHacker, every process running has guard32.dll or guard64.dll loaded into its modules.

If it ain’t broken don’t fix it I would say. So I would keep the guardxx.dll’s loaded. They are part of Defense + and as you noticed get loaded in all running processes. Their task is to lessen the amount of alerts. They rarely cause compatibility issues.

You can no longer use the Appint registry to prevent guard32/64.dll from being loaded as that is no longer a supported way to inject custom dlls and Comodo does not use this method anymore. In order to stop the dll from being loaded in every application you must the “All Applications” file group to the detect shellcode injections exclusion list.